From 0f4bd89e92ba83acaf7ca9be249217df909c203c Mon Sep 17 00:00:00 2001
From: Andrew Williams <andy@tensixtyone.com>
Date: Tue, 31 May 2011 13:59:37 +0100
Subject: [PATCH] Filter extra data out of the API access logs

---
 app/api/auth.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/app/api/auth.py b/app/api/auth.py
index af622e6..e1dc4a4 100644
--- a/app/api/auth.py
+++ b/app/api/auth.py
@@ -1,3 +1,4 @@
+from urllib import urlencode
 from datetime import datetime
 from django.http import HttpResponseForbidden
 from django.contrib.auth.models import AnonymousUser
@@ -14,7 +15,13 @@ class APIKeyAuthentication(object):
             pass
         else:
             if keyobj and keyobj.active:
-                AuthAPILog(key=keyobj, access_datetime=datetime.utcnow(), url=request.get_full_path()).save()
+                params = request.GET.copy()
+                if params.get('apikey', None): del params['apikey']
+                if len(params):
+                    url = "%s?%s" % (request.path, urlencode(params))
+                else:
+                    url = request.path
+                AuthAPILog(key=keyobj, access_datetime=datetime.utcnow(), url=url).save()
                 request.user = AnonymousUser()
                 return True
         return False